Rust integer overflow bugs in release mode are still much safer than C++ integer overflows -- Rust integer overflow is well-defined to wrap in release mode, whereas it is UB in C++.
That's not meaningfully safer, which is why it's still a panic in debug builds. It's really just kinda worse even. You can't use it as a programmer (because it panics) and the compiler can't use it even though you've already promised (and debug mode verified) that it never happens.
If you want an add to wrap, you should use a wrapped_add, useful for angle math or whatever. If you want it to saturate, use a saturating_add, and if you want to check for overflow, use a checked_add. If I were to write a Rust coding standard it would prohibit + in favor of explicitly using those functions.
kllrnohj|3 years ago
galangalalgol|3 years ago
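An added example, not written by anyone in this thread, showing the three explicit behaviours discussed above on a size computation taken from untrusted input. The function names, `HEADER_LEN` and `MAX_BODY` are hypothetical; the standard library's wrapping method is spelled `wrapping_add`.

```rust
// Added example: record_bytes_*, HEADER_LEN and MAX_BODY are hypothetical names.
const HEADER_LEN: u32 = 16;
const MAX_BODY: u32 = 1 << 20; // 1 MiB limit on a parsed record

/// What `count * size + HEADER_LEN` evaluates to in a release build with
/// overflow checks off: the result silently wraps modulo 2^32.
fn record_bytes_wrapping(count: u32, size: u32) -> u32 {
    count.wrapping_mul(size).wrapping_add(HEADER_LEN)
}

/// Overflow is an explicit error, and the limit is checked on the true value.
fn record_bytes_checked(count: u32, size: u32) -> Option<u32> {
    let total = count.checked_mul(size)?.checked_add(HEADER_LEN)?;
    if total <= MAX_BODY {
        Some(total)
    } else {
        None
    }
}

/// Saturation clamps at u32::MAX, so a later limit check still rejects it.
fn record_bytes_saturating(count: u32, size: u32) -> u32 {
    count.saturating_mul(size).saturating_add(HEADER_LEN)
}

fn main() {
    // Constructed input: 0x1000_0001 * 16 = 0x1_0000_0010, which wraps to 0x10.
    let (count, size) = (0x1000_0001u32, 16u32);

    let wrapped = record_bytes_wrapping(count, size);
    // The wrapped total is tiny, so a size limit applied afterwards passes
    // even though the real record is about 4 GiB.
    println!("wrapping:   {} (passes limit: {})", wrapped, wrapped <= MAX_BODY);

    // checked_mul reports the overflow instead of producing a plausible value.
    println!("checked:    {:?}", record_bytes_checked(count, size));

    let sat = record_bytes_saturating(count, size);
    println!("saturating: {} (passes limit: {})", sat, sat <= MAX_BODY);

    // A well-formed record goes through the checked path unchanged.
    println!("checked ok: {:?}", record_bytes_checked(4, 8));
}
```

The wrapped result is well-defined but still wrong for the caller, which is why the checked variant is the one to use when the value feeds an allocation or bounds check.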